tripleo-heat-templates/overcloud.j2.yaml

1418 lines
56 KiB
YAML

{%- set primary_role = [roles[0]] -%}
{%- for role in roles -%}
{%- if 'primary' in role.tags and 'controller' in role.tags -%}
{%- set _ = primary_role.pop() -%}
{%- set _ = primary_role.append(role) -%}
{%- endif -%}
{%- endfor -%}
{%- set primary_role_name = primary_role[0].name -%}
# primary role is: {{primary_role_name}}
heat_template_version: wallaby
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
roles enable independent scaling of the storage components, but the minimal
deployment is one Controller and one Compute node.
# TODO(shadower): we should probably use the parameter groups to put
# some order in here.
parameters:
# Common parameters (not specific to
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
CloudName:
default: overcloud.localdomain
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
# TODO (dsneddon) Legacy name, eventually refactor to match network name
PublicVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the PublicVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
{%- elif network.name == 'InternalApi' %}
# Special case the Internal API hostname param, which is CloudNameInternal
CloudNameInternal:
default: overcloud.{{network.name.lower()}}.localdomain
description: >
The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
{%- elif network.name == 'StorageMgmt' %}
# Special case StorageMgmt hostname param, which is CloudNameStorageManagement
CloudNameStorageManagement:
default: overcloud.{{network.name.lower()}}.localdomain
description: >
The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
{%- else %}
CloudName{{network.name}}:
default: overcloud.{{network.name.lower()}}.localdomain
description: >
The DNS name of this cloud's {{network.name_lower}} endpoint. E.g.
'ci-overcloud.{{network.name.lower()}}.tripleo.org'.
type: string
{%- endif %}
{{network.name}}VirtualFixedIPs:
default: []
description: >
Control the IP allocation for the {{network.name}}VirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
{%- endfor %}
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
The DNS name of this cloud's provisioning network endpoint. E.g.
'ci-overcloud.ctlplane.tripleo.org'.
type: string
ExtraHostFileEntries:
default: []
description: List of extra hosts entries to be appended to /etc/hosts
type: comma_delimited_list
UndercloudHostsEntries:
default: []
description: >
List of undercloud hosts entries to be appended to /etc/hosts. The
value is populated with the HEAT_HOSTS entries on the undercloud by
tripleoclient when running deploy.
type: comma_delimited_list
EndpointMapOverride:
default: {}
description: Can be used to override the calcluated EndpointMap
type: json
ExtraConfig:
default: {}
description: |
Additional hiera configuration to inject into the cluster.
type: json
DeployedServerPortMap:
default: {}
type: json
NeutronControlPlaneID:
default: 'ctlplane'
type: string
description: Neutron ID or name for ctlplane network.
NeutronPhysicalBridge:
default: 'br-ex'
description: An OVS bridge to create for accessing external networks.
type: string
NeutronPublicInterface:
default: nic1
description: Which interface to add to the NeutronPhysicalBridge.
type: string
ControlPlaneSubnet:
description: The name of the undercloud Neutron control plane subnet
default: ctlplane-subnet
type: string
ControlPlaneSubnetCidr:
default: ''
description: >
The subnet CIDR of the control plane network. (The parameter is
automatically resolved from the ctlplane subnet's cidr attribute.)
type: string
DnsSearchDomains: # Override this via parameter_defaults
default: []
description: A list of DNS search domains to be added (in order) to resolv.conf.
type: comma_delimited_list
ControlFixedIPs:
default: []
description: >
Control the IP allocation for the ControlVirtualIP port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
RabbitCookieSalt:
type: string
default: unset
description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
CloudDomain:
default: 'localdomain'
type: string
description: >
The DNS domain used for the hosts. This must match the
overcloud_domain_name configured on the undercloud.
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
the overcloud. It's accessible via the Nova metadata API.
type: json
# Compute-specific params
# FIXME(shardy) handle these deprecated names as they don't match compute.yaml
HypervisorNeutronPhysicalBridge:
default: 'br-ex'
description: >
An OVS bridge to create on each hypervisor. This defaults to br-ex the
same as the control plane nodes, as we have a uniform configuration of
the openvswitch agent. Typically should not need to be changed.
type: string
HypervisorNeutronPublicInterface:
default: nic1
description: What interface to add to the HypervisorNeutronPhysicalBridge.
type: string
NodeCreateBatchSize:
default: 30
description: Maxiumum batch size for creating nodes
type: number
NovaAdditionalCell:
default: false
description: Whether this is an cell additional to the default cell.
type: boolean
NovaLocalMetadataPerCell:
default: false
description: >
Indicates that the nova-metadata API service has been deployed
per-cell, so that we can have better performance and data isolation in a
multi-cell deployment. Users should consider the use of this configuration
depending on how neutron is setup. If networks span cells, you might need
to run nova-metadata API service globally. If your networks are segmented
along cell boundaries, then you can run nova-metadata API service per cell.
When running nova-metadata API service per cell, you should also configure
each Neutron metadata-agent to point to the corresponding nova-metadata API
service.
type: boolean
BondInterfaceOvsOptions:
default: ''
description: The ovs_options or bonding_options string for the bond
interface. Set things like lacp=active and/or bond_mode=balance-slb
for OVS bonds or like mode=4 for Linux bonds using this option.
type: string
constraints:
- allowed_pattern: ^((?!balance.tcp).)*$
description: The balance-tcp bond mode is known to cause packet loss and
should not be used in BondInterfaceOvsOptions.
NetworkConfigWithAnsible:
description: NetworkConfig with ansible flag
type: boolean
default: True
# Jinja loop for Role in role_data.yaml
{% for role in roles %}
{%- if role.name == 'ComputeOvsDpdk' %}
NumDpdkInterfaceRxQueues:
description: Number of Rx Queues required for DPDK bond or DPDK ports
default: 1
type: number
{%- endif %}
{{role.name}}LocalMtu: # Override this via parameter_defaults
default: 1500
description: MTU to use for the Undercloud local_interface.
type: number
constraints:
- range: { min: 1000, max: 65536 }
{{role.name}}NetworkConfigTemplate:
description: {{role.name}} NetworkConfig Template
type: string
default: ''
{{role.name}}ExtraConfig:
default: {}
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
{%- if role.deprecated_param_extraconfig is defined %}
{{role.deprecated_param_extraconfig}}:
default: {}
description: |
DEPRECATED use {{role.name}}ExtraConfig instead
type: json
{%- endif %}
# Parameters generated for {{role.name}} Role
{{role.name}}Services:
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the {{role.name}} role.
type: comma_delimited_list
{{role.name}}NetworkConfigUpdate:
type: boolean
description: >
When set to "True", existing networks will be updated on the overcloud.
This parameter replaces the functionality previously provided by
NetworkDeploymentActions. Defaults to "False" so that only new nodes will
have their networks configured. This is a role based parameter.
default: False
{{role.name}}AnyErrorsFatal:
default: yes
type: string
{{role.name}}MaxFailPercentage:
default: 0
type: number
{{role.name}}Count:
description: Number of {{role.name}} nodes to deploy
type: number
default: {{role.CountDefault|default(0)}}
{{role.name}}HostnameFormat:
type: string
description: >
Format for {{role.name}} node hostnames
Note %index% is translated into the index of the node, e.g 0/1/2 etc
and %stackname% is replaced with the stack name e.g overcloud
{% if role.HostnameFormatDefault %}
default: "{{role.HostnameFormatDefault}}"
{% else %}
default: "%stackname%-{{role.name.lower()}}-%index%"
{% endif %}
{{role.name}}RemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from {{role.name}} ResourceGroup when
doing an update which requires removal of specific resources.
Example format ComputeRemovalPolicies: [{'resource_list': ['0']}]
{{role.name}}RemovalPoliciesMode:
default: append
type: string
description: >
How to handle change to RemovalPolicies for {{role.name}}
ResourceGroup when doing an update. Default mode 'append' will
append to the existing blacklist and 'update' would replace
the blacklist.
{{role.name}}SchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
{%- if role.deprecated_param_scheduler_hints is defined %}
{{role.deprecated_param_scheduler_hints}}:
type: json
description: DEPRECATED - use {{role.name}}SchedulerHints instead
default: {}
{%- endif %}
{{role.name}}Parameters:
type: json
description: Optional Role Specific parameters to be provided to service
default: {}
{{role.name}}ExtraGroupVars:
type: json
description: Optional extra Ansible group vars
default: {}
{{role.name}}ControlPlaneSubnet:
default: ctlplane-subnet
description: |
Name of the subnet on ctlplane network for this role.
type: string
{{role.name}}ServiceNetMap:
default: {}
description: |
Role specific ServiceNetMap overrides, the map provided will be merged
with the global ServiceNetMap when passing the ServiceNetMap to the
{{role.name}}ServiceChain resource and the {{role.name}} resource group.
For example:
{{role.name}}ServiceNetMap:
NovaLibvirtNetwork: internal_api_leaf2
type: json
{{role.name}}NetConfigOverride:
default: {}
description: |
Custom JSON data to be used to override the os-net-config config.
This is meant to be used by net_config_override parameter in tripleoclient
to provide an easy means to pass in custom net configs for the Undercloud.
type: json
{% endfor %}
# Identifiers to trigger tasks on nodes
UpdateIdentifier:
default: ''
type: string
description: >
Setting to a previously unused value during stack-update will trigger
package update on all nodes
DeployIdentifier:
default: ''
type: string
description: >
Setting this to a unique value will re-run any deployment tasks which
perform configuration on a Heat stack-update.
AddVipsToEtcHosts:
default: True
type: boolean
description: >
Set to true to append per network Vips to /etc/hosts on each node.
DeploymentServerBlacklist:
default: []
type: comma_delimited_list
description: >
List of server hostnames to blacklist from any triggered deployments.
GlobalConfigExtraMapData:
type: json
default: {}
description: Map of extra global_config_settings data to set on each node.
NetConfigDataLookup:
type: json
default: {}
description: >
Configure os-net-config mappings for specific nodes
Your environment file needs to look like:
parameter_defaults:
NetConfigDataLookup:
node1:
nic1: "00:c8:7c:e6:f0:2e"
node2:
nic1: "00:18:7d:99:0c:b6"
node3:
dmiString: 'system-uuid'
id: 'A8C85861-1B16-4803-8689-AFC62984F8F6'
nic1: em3
# Dell PowerEdge
nodegroup1:
dmiString: "system-product-name"
id: "PowerEdge R630"
nic1: em3
nic2: em1
nic3: em2
# Cisco UCS B200-M4"
nodegroup2:
dmiString: "system-product-name"
id: "UCSB-B200-M4"
nic1: enp7s0
nic2: enp6s0
This will result in the first node* entry where either a mac matches a
local device or a DMI String matches the specified id being written as a
mapping file for os-net-config. (/etc/os-net-config/mapping.yaml)
DnsServers: # Override this via parameter_defaults
default: []
description: >
DNS servers to use for the Overcloud (2 max for some implementations).
If not set the nameservers configured in the ctlplane subnet's
dns_nameservers attribute will be used.
type: comma_delimited_list
RootStackName:
description: The name of the stack/plan.
type: string
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
{% for role in roles %}
{%- if role.deprecated_param_scheduler_hints is defined or role.deprecated_param_extraconfig is defined %}
{%- if not parameter_groups_defined|default(false) %}
parameter_groups:
- label: deprecated
description: Do not use deprecated params, they will be removed.
parameters:
- DnsServers
{%- set parameter_groups_defined = true %}
{%- endif %}
{%- endif %}
{%- if role.deprecated_param_scheduler_hints is defined %}
- {{role.deprecated_param_scheduler_hints}}
{%- endif %}
{%- if role.deprecated_param_extraconfig is defined %}
- {{role.deprecated_param_extraconfig}}
{%- endif %}
{%- endfor %}
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
control_fixed_ip_not_set: {equals : [{get_param: ControlFixedIPs}, []]}
{%- for network in networks if network.name != 'External' %}
{{network.name_lower}}_virtual_fixed_ip_set:
not:
equals:
- get_param: {{network.name}}VirtualFixedIPs
- []
{%- endfor %}
public_virtual_fixed_ip_set:
not:
equals:
- get_param: PublicVirtualFixedIPs
- []
set_default_mysql_cell_internal:
or:
- equals:
- get_param: NovaAdditionalCell
- true
- and:
- equals:
- get_param: NovaAdditionalCell
- false
- equals:
- get_param: [EndpointMapOverride, MysqlCellInternal]
- ''
set_default_nova_vnc_proxy_cell_public:
or:
- equals:
- get_param: NovaAdditionalCell
- true
- and:
- equals:
- get_param: NovaAdditionalCell
- false
- equals:
- get_param: [EndpointMapOverride, NovaVNCProxyCellPublic]
- ''
set_default_nova_metadata_cell_internal:
or:
- equals:
- get_param: NovaLocalMetadataPerCell
- true
- and:
- equals:
- get_param: NovaLocalMetadataPerCell
- false
- equals:
- get_param: [EndpointMapOverride, NovaMetadataCellInternal]
- ''
dnsservers_set:
not:
equals: [{get_param: DnsServers}, []]
resources:
VipHosts:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
- str_replace:
template: IP HOST
params:
IP: {get_attr: [VipMap, net_ip_map, ctlplane]}
HOST: {get_param: CloudNameCtlplane}
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
- str_replace:
template: IP HOST
params:
IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
HOST: {get_param: CloudName}
{%- elif network.name == 'InternalApi' %}
# Special case the Internal API hostname param, which is CloudNameInternal
- str_replace:
template: IP HOST
params:
IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
HOST: {get_param: CloudNameInternal}
{%- elif network.name == 'StorageMgmt' %}
# Special case StorageMgmt hostname param, which is CloudNameStorageManagement
- str_replace:
template: IP HOST
params:
IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
HOST: {get_param: CloudNameStorageManagement}
{%- else %}
- str_replace:
template: IP HOST
params:
IP: {get_attr: [VipMap, net_ip_map, {{network.name_lower}}]}
HOST: {get_param: CloudName{{network.name}}}
{%- endif %}
{%- endfor %}
NetCidrMapValue:
type: OS::Heat::Value
properties:
type: json
value:
map_replace:
- map_merge:
- {get_attr: [Networks, net_cidr_map]}
# NOTE(hjensas): When ctlplane network and subnets are created by the
# undercloud installer, the subnet cidrs are added as tags.
- ctlplane: {get_attr: [ControlVirtualIP, network, tags]}
- keys:
ctlplane: {get_param: NeutronControlPlaneID}
NetIpVersionMapValue:
type: OS::Heat::Value
properties:
type: json
value:
map_replace:
- map_merge:
- {get_attr: [Networks, net_ip_version_map]}
- ctlplane: {get_attr: [ControlVirtualIP, subnets, 0, ip_version]}
- keys:
ctlplane: {get_param: NeutronControlPlaneID}
ServiceNetMap:
type: OS::TripleO::ServiceNetMap
EndpointMap:
type: OS::TripleO::EndpointMap
properties:
CloudEndpoints:
ctlplane: {get_param: CloudNameCtlplane}
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
{{network.name_lower}}: {get_param: CloudName}
{%- elif network.name == 'InternalApi' %}
# Special case the Internal API hostname param, which is CloudNameInternal
{{network.name_lower}}: {get_param: CloudNameInternal}
{%- elif network.name == 'StorageMgmt' %}
# Special case StorageMgmt hostname param, which is CloudNameStorageManagement
{{network.name_lower}}: {get_param: CloudNameStorageManagement}
{%- else %}
{{network.name_lower}}: {get_param: CloudName{{network.name}}}
{%- endif %}
{%- endfor %}
NetIpMap: {get_attr: [VipMap, net_ip_map]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
EndpointMapData:
type: OS::Heat::Value
properties:
type: json
value:
map_merge:
- {get_attr: [EndpointMap, endpoint_map]}
- {get_param: EndpointMapOverride}
# For parent stack we must set these to the local endpoints
# For split-controlplane stacks that are nova cells we must set
# these to the local endpoints
# For split-controlplane stacks that are not nova cells we should
# take these from EndpointMapOverride (i.e the parent stack)
- if:
- set_default_mysql_cell_internal
- MysqlCellInternal: {get_attr: [EndpointMap, endpoint_map, MysqlInternal]}
- {}
- if:
- set_default_nova_vnc_proxy_cell_public
- NovaVNCProxyCellPublic: {get_attr: [EndpointMap, endpoint_map, NovaVNCProxyPublic]}
- {}
- if:
- set_default_nova_metadata_cell_internal
- NovaMetadataCellInternal: {get_attr: [EndpointMap, endpoint_map, NovaMetadataInternal]}
- {}
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# Bootstraps an ntp configuration and includes a hardware clock sync to
# for containers.
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeTimesyncUserData:
type: OS::TripleO::NodeTimesyncUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
# Jinja loop for Role in roles_data.yaml
{% for role in roles %}
# Resources generated for {{role.name}} Role
{{role.name}}ServiceChain:
type: OS::TripleO::{{role.name}}Services
properties:
Services:
get_param: {{role.name}}Services
ServiceNetMap:
map_merge:
- {get_attr: [ServiceNetMap, service_net_map]}
- {get_param: {{role.name}}ServiceNetMap}
ServiceData:
net_cidr_map: {get_attr: [NetCidrMapValue, value]}
net_vip_map: {get_attr: [VipMap, net_ip_map]}
net_ip_version_map: {get_attr: [NetIpVersionMapValue, value]}
vip_subnet_map: {get_attr: [ServiceNetMap, vip_subnet_map]}
EndpointMap: {get_attr: [EndpointMapData, value]}
RoleName: {{role.name}}
RoleParameters:
map_merge:
- {{role.RoleParametersDefault|default({})}}
- get_param: {{role.name}}Parameters
# Lookup of role_data via heat outputs is slow, so workaround this by caching
# the value in an OS::Heat::Value resource
{{role.name}}ServiceChainRoleData:
type: OS::Heat::Value
properties:
type: json
value: {get_attr: [{{role.name}}ServiceChain, role_data]}
{{role.name}}ConfigData:
type: OS::Heat::Value
properties:
type: json
value:
service_configs: {get_attr: [{{role.name}}ServiceConfigSettings, value]}
service_names: {get_attr: [{{role.name}}ServiceNames, value]}
role_extraconfig:
map_merge:
- tripleo::profile::base::metrics::collectd::sensubility::subscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
- tripleo_collectd_sensubility_subscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
{%- if role.deprecated_param_extraconfig is defined %}
- {get_param: {{role.deprecated_param_extraconfig}}}
{%- endif %}
- {get_param: {{role.name}}ExtraConfig}
extraconfig: {get_param: ExtraConfig}
hieradata_files:
- '%{::uuid}'
- fqdn
- docker_puppet # Optionally provided by container-puppet.sh
- ansible_managed
- heat_config_%{::deploy_config_name}
- config_step
- role_extraconfig
- extraconfig
- pci_passthrough_whitelist
- service_names
- service_configs
- cloud_domain
- bootstrap_node # provided by tripleo_hieradata
- all_nodes # provided by tripleo_hieradata
- vip_data # provided by tripleo_hieradata
- net_ip_map
- ovn_chassis_mac_map # provided by tripleo_hieradata
- '%{::osfamily}'
# The following are required for compatibility with the Controller role
# where some vendor integrations added hieradata via ExtraConfigPre
- neutron_bigswitch_data # Optionally provided by Controller/ComputeExtraConfigPre
# Special variable for upgrade
- upgrade
{{role.name}}ServiceConfigSettings:
type: OS::Heat::Value
properties:
type: json
value:
map_merge:
- get_param: GlobalConfigExtraMapData
- get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings]
{% for r in roles %}
- get_attr: [{{r.name}}ServiceChainRoleData, value, global_config_settings]
{% endfor %}
# This next step combines two yaql passes:
# - The inner one does a deep merge on the service_config_settings for all roles
# - The outer one filters the map based on the services enabled for the role
# then merges the result into one map.
- yaql:
expression: let(root => $) -> $.data.map.items().where($[0] in coalesce($root.data.services, [])).select($[1]).reduce($1.mergeWith($2), {})
data:
map:
yaql:
expression: $.data.where($ != null).reduce($1.mergeWith($2), {})
data:
{% for r in roles %}
- get_attr: [{{r.name}}ServiceChainRoleData, value, service_config_settings]
{% endfor %}
services: {get_attr: [{{role.name}}ServiceNames, value]}
# Filter any null/None service_names which may be present due to mapping
# of services to OS::Heat::None
{{role.name}}ServiceNames:
type: OS::Heat::Value
depends_on: {{role.name}}ServiceChain
properties:
type: comma_delimited_list
value:
yaql:
expression: let(root => $) -> distinct($.data.extra_services.items().where($[0] in coalesce($root.data.enabled_services, [])).select($[1]).flatten() + coalesce($root.data.enabled_services, []))
data:
enabled_services: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_names]}
extra_services:
# If anything other than keystone needs this
# then we should add an extra_networks interface
# to the service templates role_data but for
# now we hard-code the keystone special case
keystone:
- keystone_admin_api
- keystone_public_api
{{role.name}}IpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
properties:
ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]}
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
{{network.name}}IpList: {get_attr: [{{role.name}}, {{network.name_lower}}_ip_address]}
{%- endfor %}
RoleNetworks:
- ctlplane
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
- {{network.name_lower}}
{%- endfor %}
EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
ServiceHostnameList: {get_attr: [{{role.name}}, hostname]}
NetworkHostnameMap: {get_attr: [{{role.name}}NetworkHostnameMap, value]}
{{role.name}}NetworkHostnameMap:
type: OS::Heat::Value
properties:
type: json
value:
# Note (shardy) this somewhat complex yaql may be replaced
# with a map_deep_merge function in ocata. It merges the
# list of maps, but appends to colliding lists so we can
# create a map of lists for all nodes for each network
yaql:
expression: dict($.data.where($ != null).flatten().selectMany($.items()).groupBy($[0], $[1]).select([$[0], $[1].flatten()]))
data:
- {get_attr: [{{role.name}}, hostname_map]}
# Combine the NodeAdminUserData and NodeUserData mime archives
{{role.name}}UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeTimesyncUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
- config: {get_resource: {{role.name}}RoleUserData}
type: multipart
# For optional operator role-specific userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
{{role.name}}RoleUserData:
type: OS::TripleO::{{role.name}}::NodeUserData
{{role.name}}:
type: OS::Heat::ResourceGroup
depends_on: Networks
update_policy:
batch_create:
max_batch_size: {get_param: NodeCreateBatchSize}
properties:
count: {get_param: {{role.name}}Count}
removal_policies: {get_param: {{role.name}}RemovalPolicies}
removal_policies_mode: {get_param: {{role.name}}RemovalPoliciesMode}
resource_def:
type: OS::TripleO::{{role.name}}
properties:
CloudDomain: {get_param: CloudDomain}
ServiceNetMap:
map_merge:
- {get_attr: [ServiceNetMap, service_net_map]}
- {get_param: {{role.name}}ServiceNetMap}
EndpointMap: {get_attr: [EndpointMapData, value]}
Hostname:
str_replace:
template: {get_param: {{role.name}}HostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
NodeIndex: '%index%'
# Note, SchedulerHints must be defined here, not only in the
# nested template, as it can contain %index%
{{role.name}}SchedulerHints:
map_merge:
{%- if role.deprecated_param_scheduler_hints is defined %}
- {get_param: {{role.deprecated_param_scheduler_hints}}}
{%- endif %}
- {get_param: {{role.name}}SchedulerHints}
ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]}
ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
OVNBridgeMappings: {get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings, 'ovn::controller::ovn_bridge_mappings']}
DeploymentServerBlacklistDict: {get_attr: [DeploymentServerBlacklistDict, value]}
RoleParameters:
map_merge:
- {{role.RoleParametersDefault|default({})}}
- get_param: {{role.name}}Parameters
UserData: {get_resource: {{role.name}}UserData}
{%- endfor %}
{%- for role in roles %}
{{role.name}}Servers:
type: OS::Heat::Value
depends_on: {{role.name}}
properties:
type: json
value:
yaql:
expression: let(servers=>switch(isDict($.data.servers) => $.data.servers, true => {})) -> $servers.deleteAll($servers.keys().where($servers[$] = null))
data:
servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{%- endfor %}
# This is a different format to *Servers, as it creates a map of lists
# whereas *Servers creates a map of maps with keys of the nested resource names
ServerIdMap:
type: OS::Heat::Value
properties:
value:
server_ids:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}, nova_server_resource]}
{%- endfor %}
bootstrap_server_id:
yaql:
expression: coalesce($.data, []).first(null)
data: {get_attr: [{{primary_role_name}}, nova_server_resource]}
# This resource just creates a dict out of the DeploymentServerBlacklist,
# which is a list. The dict is used in the role templates to set a condition
# on whether to create the deployment resources. We can't use the list
# directly because there is no way to ask Heat if a list contains a specific
# value.
DeploymentServerBlacklistDict:
type: OS::Heat::Value
properties:
type: json
value:
map_merge:
repeat:
template:
hostname: 1
for_each:
hostname: {get_param: DeploymentServerBlacklist}
HostsEntryValue:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
list_concat:
- - {get_param: UndercloudHostsEntries}
- - if:
- add_vips_to_etc_hosts
- {get_attr: [VipHosts, value]}
- []
{%- for role in roles %}
- {get_attr: [{{role.name}}, hosts_entry]}
{%- endfor %}
- - {get_param: ExtraHostFileEntries}
CloudNames:
type: OS::Heat::Value
properties:
value:
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
cloud_name_{{network.name_lower}}: {get_param: CloudName}
{%- elif network.name == 'InternalApi' %}
# Special case the Internal API hostname param, which is CloudNameInternal
cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal}
{%- elif network.name == 'StorageMgmt' %}
# Special case StorageMgmt hostname param, which is CloudNameStorageManagement
cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement}
{%- else %}
cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}}
{%- endif %}
{%- endfor %}
cloud_name_ctlplane: {get_param: CloudNameCtlplane}
GlobalConfig:
type: OS::Heat::Value
properties:
type: json
value:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, global_config_settings]
{% endfor %}
# creates the network architecture
Networks:
type: OS::TripleO::Network
properties:
CtlplaneNetworkCidrs: {get_attr: [ControlVirtualIP, network, tags]}
# NOTE(tkajinam): Backend services and haproxy might be running in different
# nodes, so we need to gather all frontend firewall rules
# across all roles and pass the combined data to firewall
# configuration task in the node where haproxy (or edge
# haproxy) is assigned to.
FirewallFrontendRules:
type: OS::Heat::Value
properties:
type: json
value:
frontend:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, firewall_frontend_rules]
{% endfor %}
ssl_frontend:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, firewall_ssl_frontend_rules]
{% endfor %}
edge_frontend:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, firewall_edge_frontend_rules]
{% endfor %}
edge_ssl_frontend:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, firewall_edge_ssl_frontend_rules]
{% endfor %}
{%- for role in roles %}
{{role.name}}GroupVars:
type: OS::Heat::Value
properties:
value:
ctlplane_mtu: {get_attr: [Networks, net_attributes_map, ctlplane, network, mtu]}
ctlplane_gateway_ip: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]}
ctlplane_dns_nameservers:
if:
- dnsservers_set
- {get_param: DnsServers}
- {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, dns_nameservers]}
ctlplane_subnet_cidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, cidr]}, 1]}
ctlplane_host_routes:
list_concat_unique:
- {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]}
{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %}
- - default: true
next_hop: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]}
{%- endif %}
# MTU is not filtered on role.networks, for DVR we need the External MTU on the exteranl_bridge
{% for network in networks if network.enabled|default(true) %}
{{network.name_lower}}_mtu: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, network, mtu]}
{%- endfor %}
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
{%- if role.networks is mapping %}
{%- set _role_net_subnet = role.networks[network.name]['subnet'] %}
{%- else %}
{%- set _role_net_subnet = network.name_lower + '_subnet' %}
{%- endif %}
{{network.name_lower}}_gateway_ip: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]}
{{network.name_lower}}_host_routes:
list_concat_unique:
- {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]}
{%- if role.default_route_networks is defined and network.name in role.default_route_networks %}
- - default: true
next_hop: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]}
{%- endif %}
{{network.name_lower}}_cidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, cidr]}, 1]}
{{network.name_lower}}_vlan_id:
yaql:
expression: >
switch(not isList($.data) => 1,
not $.data.where($.startsWith('tripleo_vlan_id')).len() => 1,
true => int($.data.where($.startsWith('tripleo_vlan_id')).first().split('=').last()))
data: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, tags]}
{%- endfor %}
network_cidrs:
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
{%- if role.networks is mapping %}
{%- set _role_net_subnet = role.networks[network.name]['subnet'] %}
{%- else %}
{%- set _role_net_subnet = network.name_lower + '_subnet' %}
{%- endif %}
{{network.name}}_cidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, cidr]}, 1]}
{%- endfor %}
dns_search_domains: {get_param: DnsSearchDomains}
bond_interface_ovs_options: {get_param: BondInterfaceOvsOptions}
local_mtu: {get_param: {{role.name}}LocalMtu}
role_networks:
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
- {{network.name}}
{%- endfor %}
networks_lower:
{%- for network in networks if network.enabled|default(true) %}
{{network.name}}: {{network.name_lower}}
{%- endfor %}
networks_all:
{%- for network in networks if network.enabled|default(true) %}
- {{network.name}}
{%- endfor %}
service_metadata_settings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
tripleo_network_config_template: {get_param: {{role.name}}NetworkConfigTemplate}
tripleo_network_config_with_ansible: {get_param: NetworkConfigWithAnsible}
default_route_networks: {{role.default_route_networks|default(['ControlPlane'])}}
networks_skip_config: {{ role.networks_skip_config|default([]) }}
tripleo_firewall_rules: {get_attr: [{{role.name}}ServiceChainRoleData, value, firewall_rules]}
tripleo_firewall_frontend_rules: {get_attr: [FirewallFrontendRules, value, frontend]}
tripleo_firewall_ssl_frontend_rules: {get_attr: [FirewallFrontendRules, value, ssl_frontend]}
tripleo_firewall_edge_frontend_rules: {get_attr: [FirewallFrontendRules, value, edge_frontend]}
tripleo_firewall_edge_ssl_frontend_rules: {get_attr: [FirewallFrontendRules, value, edge_ssl_frontend]}
role_tags: {{role.tags}}
{{role.name}}NetworkConfig:
type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
properties:
ControlPlaneIp: "{{ '{{' }} ctlplane_ip {{ '}}' }}"
ControlPlaneSubnetCidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, cidr]}, 1]}
ControlPlaneDefaultRoute: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]}
ControlPlaneStaticRoutes:
list_concat_unique:
- {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]}
{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %}
- - default: true
next_hop: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]}
{%- endif %}
ControlPlaneMtu: {get_attr: [Networks, net_attributes_map, ctlplane, network, mtu]}
DnsServers:
if:
- dnsservers_set
- {get_param: DnsServers}
- {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, dns_nameservers]}
{%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %}
{%- if role.networks is mapping %}
{%- set _role_net_subnet = role.networks[network.name]['subnet'] %}
{%- else %}
{%- set _role_net_subnet = network.name_lower + '_subnet' %}
{%- endif %}
{{network.name}}IpSubnet: "{{ '{{' }} {{network.name_lower}}_ip ~ '/' ~ {{network.name_lower}}_cidr {{ '}}' }}"
{{network.name}}InterfaceRoutes:
list_concat_unique:
- {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]}
{%- if role.default_route_networks is defined and network.name in role.default_route_networks %}
- - default: true
next_hop: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]}
{%- endif %}
{{network.name}}Mtu: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, network, mtu]}
{{network.name}}NetworkVlanID:
yaql:
expression: >
switch(not isList($.data) => 1,
not $.data.where($.startsWith('tripleo_vlan_id')).len() => 1,
true => int($.data.where($.startsWith('tripleo_vlan_id')).first().split('=').last()))
data: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, tags]}
{%- if role.default_route_networks is defined and network.name in role.default_route_networks %}
{{network.name}}InterfaceDefaultRoute: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]}
{%- endif %}
{%- endfor %}
{%- endfor %}
ControlVirtualIP:
depends_on: ServiceNetMap
type: OS::TripleO::Network::Ports::ControlPlaneVipPort
properties:
name: control_virtual_ip
dns_name: {str_split: ['.', {get_param: CloudNameCtlplane}, 0]}
network: {get_param: NeutronControlPlaneID}
fixed_ips:
if:
- control_fixed_ip_not_set
- [{subnet: {get_attr: [ServiceNetMap, vip_subnet_map, ctlplane]}}]
- get_param: ControlFixedIPs
replacement_policy: AUTO
tags:
- tripleo_vip_net=ctlplane
- str_replace:
template: tripleo_stack_name=$STACK_NAME
params:
$STACK_NAME: {get_param: 'OS::stack_name'}
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
# The public VIP is on the External net, falls back to ctlplane
PublicVirtualIP:
{%- else %}
{{network.name}}VirtualIP:
{%- endif %}
depends_on: [Networks, ServiceNetMap]
type: OS::TripleO::Network::Ports::{{network.name}}VipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ControlPlaneSubnetCidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_attr: [ServiceNetMap, vip_subnet_map, ctlplane]}, cidr]}, 1]}
PortName: {{network.name_lower}}_virtual_ip
{%- if network.name == 'External' %}
DnsName: {str_split: ['.', {get_param: CloudName}, 0]}
{%- elif network.name == 'InternalApi' %}
DnsName: {str_split: ['.', {get_param: CloudNameInternal}, 0]}
{%- elif network.name == 'StorageMgmt' %}
DnsName: {str_split: ['.', {get_param: CloudNameStorageManagement}, 0]}
{%- elif network.name not in ['External', 'InternalApi', 'StorageMgmt'] %}
DnsName: {str_split: ['.', {get_param: CloudName{{network.name}}}, 0]}
{%- endif %}
FixedIPs:
if:
{%- if network.name == 'External' %}
- public_virtual_fixed_ip_set
- {get_param: PublicVirtualFixedIPs}
{%- else %}
- {{network.name_lower}}_virtual_fixed_ip_set
- {get_param: {{network.name}}VirtualFixedIPs}
{%- endif %}
- [{subnet: {get_attr: [ServiceNetMap, vip_subnet_map, {{network.name}}]}}]
IsVirtualIP: true
{%- endfor %}
VipMap:
type: OS::TripleO::Network::Ports::NetVipMap
properties:
ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ControlPlaneSubnetCidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_attr: [ServiceNetMap, vip_subnet_map, ctlplane]}, cidr]}, 1]}
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{%- if network.name == 'External' %}
ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
{%- else %}
{{network.name}}Ip: {get_attr: [{{network.name}}VirtualIP, ip_address]}
{{network.name}}IpUri: {get_attr: [{{network.name}}VirtualIP, ip_address_uri]}
{%- endif %}
{%- endfor %}
# No tenant or management VIP required
# Because of nested get_attr functions in the KeystoneAdminVip output, we
# can't determine which attributes of VipMap are used until after
# ServiceNetMap's attribute values are available.
depends_on: ServiceNetMap
# Optional ExtraConfig for all nodes - all roles are passed in here, but
# the nested template may configure each role differently (or not at all)
AllNodesExtraConfig:
type: OS::TripleO::AllNodesExtraConfig
properties:
servers:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{%- endfor %}
BlacklistedIpAddresses:
type: OS::Heat::Value
properties:
value:
list_concat:
{%- for role in roles %}
- {get_attr: [{{role.name}}, blacklist_ip_address]}
{%- endfor %}
AnsibleHostVars:
type: OS::Heat::Value
properties:
type: json
value:
{%- for role in roles %}
{{role.name}}:
map_merge:
list_concat:
- {get_attr: [{{role.name}}, ansible_host_vars_map]}
{%- endfor %}
BlacklistedHostnames:
type: OS::Heat::Value
properties:
value:
list_concat:
{%- for role in roles %}
- {get_attr: [{{role.name}}, blacklist_hostname]}
{%- endfor %}
# Post deployment steps for all roles
AllNodesDeploySteps:
type: OS::TripleO::PostDeploySteps
depends_on:
- AllNodesExtraConfig
properties:
servers:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{%- endfor %}
EndpointMap: {get_attr: [EndpointMapData, value]}
role_data:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
{%- endfor %}
{%- for role in roles %}
{{role.name}}Count: {get_param: {{role.name}}Count}
{%- endfor %}
ServiceNetMapLower: {get_attr: [ServiceNetMap, service_net_map_lower]}
PingTestGatewayIPsMap:
{%- for role in roles %}
{{role.name}}:
yaql:
expression: list($.data.where($ != null and len($) > 0)).flatten()
data:
- {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]}
{%- for network in networks %}
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
{%- if role.networks is mapping %}
{%- set _role_net_subnet = role.networks[network.name]['subnet'] %}
{%- else %}
{%- set _role_net_subnet = network.name_lower + '_subnet' %}
{%- endif %}
- {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{ _role_net_subnet }}, gateway_ip]}
{%- endif %}
{%- endfor %}
{%- endfor %}
PingTestIpsMap:
{%- for role in roles %}
{{role.name}}:
list_join:
- ' '
- - yaql:
expression: coalesce($.data, []).first(null)
data: {get_attr: [{{role.name}}, ip_address]}
{%- for network in networks %}
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
- yaql:
expression: coalesce($.data, []).first(null)
data: {get_attr: [{{role.name}}, {{network.name_lower}}_ip_address]}
{%- endif %}
{%- endfor %}
{%- endfor %}
HostsEntry: {get_attr: [HostsEntryValue, value]}
EnabledServices:
list_concat:
{%- for role in roles %}
- {get_attr: [{{role.name}}ServiceNames, value]}
{%- endfor %}
ControlVirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
EnabledNetworks:
{%- for network in networks if network.enabled|default(true) %}
- {{ network.name }}
{%- endfor %}
NetVipMap: {get_attr: [VipMap, net_ip_map]}
CloudNames: {get_attr: [CloudNames, value]}
UndercloudHostsEntries: {get_param: UndercloudHostsEntries}
ExtraHostsEntries: {get_param: ExtraHostFileEntries}
VipHostsEntries:
if:
- add_vips_to_etc_hosts
- {get_attr: [VipHosts, value]}
- []
KeystoneResourcesConfigs:
map_merge:
{% for role in roles %}
- get_attr: [{{role.name}}ServiceChainRoleData, value, keystone_resources]
{% endfor %}
NetCidrMap: {get_attr: [NetCidrMapValue, value]}
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
value: true
KeystoneURL:
description: URL for the Overcloud Keystone service
value: {get_attr: [EndpointMapData, value, KeystonePublic, uri_no_suffix]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
# Note that these nested get_attr functions require a dependency
# relationship between VipMap and ServiceNetMap, since we can't determine
# which attributes of VipMap are used until after ServiceNetMap's attribute
# values are available. If this is ever reworked to not use nested
# get_attr, that dependency can be removed.
value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
EndpointMap:
description: |
Mapping of the resources with the needed info for their endpoints.
This includes the protocol used, the IP, port and also a full
representation of the URI.
value: {get_attr: [EndpointMapData, value]}
HostsEntry:
description: |
The content that should be appended to your /etc/hosts if you want to get
hostname-based access to the deployed nodes (useful for testing without
setting up a DNS).
value:
list_concat_unique:
- {get_attr: [HostsEntryValue, value]}
- {get_attr: [VipHosts, value]}
EnabledServices:
description: The services enabled on each role
value:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceNames, value]}
{%- endfor %}
RoleData:
description: The configuration data associated with each role
value:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
{%- endfor %}
RoleConfig:
description: The configuration workflows associated with each role
value: {get_attr: [AllNodesDeploySteps, RoleConfig]}
RoleNetIpMap:
description: Mapping of each network to a list of IPs for each role
value:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}IpListMap, net_ip_map]}
{%- endfor %}
RoleGroupVars:
description: Mapping of roles to ansible group_vars to be applied config in those roles
value:
{%- for role in roles %}
{{role.name}}:
map_merge:
- {get_attr: [{{role.name}}GroupVars, value]}
- {get_attr: [{{role.name}}ConfigData, value]}
- any_errors_fatal: {get_param: {{role.name}}AnyErrorsFatal}
max_fail_percentage: {get_param: {{role.name}}MaxFailPercentage}
neutron_physical_bridge_name: {get_param: NeutronPhysicalBridge}
neutron_public_interface_name: {get_param: NeutronPublicInterface}
network_config_update: {get_param: {{role.name}}NetworkConfigUpdate}
tripleo_network_config_os_net_config_mappings: {get_param: NetConfigDataLookup}
deployed_server_port_map: {get_param: DeployedServerPortMap}
tripleo_network_config_override: {get_param: {{role.name}}NetConfigOverride}
tripleo_stack_name: {get_param: RootStackName}
{%- if role.name == 'ComputeOvsDpdk' %}
num_dpdk_interface_rx_queues: {get_param: NumDpdkInterfaceRxQueues}
{%- endif %}
- {get_param: {{role.name}}ExtraGroupVars}
{%- endfor %}
RoleNetHostnameMap:
description: Mapping of each network to a list of hostnames for each role
value:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}NetworkHostnameMap, value]}
{%- endfor %}
RoleTags:
description: Tags for each role, as defined in roles_data.yaml
value:
{%- for role in roles %}
{{role.name}}: {{role.tags|default([])}}
{%- endfor %}
VipMap:
description: Mapping of each network to VIP addresses. Also includes the Redis and OVN DBs VIPs.
value: {get_attr: [VipMap, net_ip_map]}
ServerIdData:
description: Mapping of each role to a list of nova server IDs and the bootstrap ID
value: {get_attr: [ServerIdMap, value]}
BlacklistedHostnames:
description: List of blacklisted hostnames
value: {get_attr: [BlacklistedHostnames, value]}
BlacklistedIpAddresses:
description: List of blacklisted ctlplane IP addresses
value: {get_attr: [BlacklistedIpAddresses, value]}
GlobalConfig:
description: The global_config (hieradata).
value: {get_attr: [GlobalConfig, value]}
RoleNetworkConfigMap:
description: Mapping of roles to network config
value:
{%- for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}NetworkConfig, config]}
{%- endfor %}
AnsibleHostVarsMap:
description: Map of Ansible Host variables per role
value: {get_attr: [AnsibleHostVars, value]}
TripleoHeatTemplatesJinja2RenderingDataSources:
description: The role_data and the network_data used when rendering the THT Jinja2 templates
value:
roles_data: {{ roles }}
networks_data: {{ networks }}
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
value: {get_param: AdminPassword}
KeystoneRegion:
description: Keystone region for endpoint
value: {get_param: KeystoneRegion}